Extended data storage

ABSTRACT

Methods and apparatus are provided for configuring a contactless application on a chip within a portable device comprising input/output means arranged to communicate with other devices via a contact connection and via a contactless connection. One such method comprises a first process and a second process. The first process comprises receiving, at the chip and from a first other device, a set of computer instructions, to be executed by the chip, to create a contactless application in a data store of the chip and initialise at least one file associated with the contactless application. The first process further comprises configuring the contactless application in accordance with the set of computer instructions. The second process comprises executing, by the chip of the portable device, the contactless application, whereby to transmit data to a second other device. The first process is conducted via physical contact between the first other device and the portable device and the second process is conducted via contactless communication between the portable device and a contactless reader of the second other device.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application is a National Stage of International Application No.PCT/EP2017/061376 filed May 11, 2017, and which claims the benefit ofGreat Britain Patent Application No. 1608444.4 filed May 13, 2016, ofwhich are all herein incorporated by reference.

TECHNICAL FIELD

The present disclosure relates to methods, systems and computer programsfor configuring and using a contactless application via contact andcontactless interactions.

BACKGROUND

Transactions are frequently conducted using portable devices, forexample payment cards. Such portable devices are often capable ofinteracting via both contact and contactless connections. An example ofa contact interaction is a “chip and PIN” interaction according to theEMV (Europay, MasterCard, Visa) standard, which describes smart cardswhich store and process data in integrated circuits. In a “chip and PIN”interaction, the card is inserted into a reader, for example in a pointof sale terminal, which reads card data via contacts on the surface ofthe card, and the user authenticates their identity by providing a PIN.In a contactless interaction, data is transmitted from a chip of thecard to a reader using short-range radio transmissions. An example of achip for contactless interactions is a MIFARE chip, for example MIFAREDESFire, supplied by NXP Semiconductors.

The capacity for contact and contactless transactions may be combined ina single “dual application” card. These typically require contacttransactions to be processed by one application on the card, andcontactless transactions to be processed by a different application,with minimal intra-card communication between the two applications. Aninteraction requiring both applications would thus require the user toalternate between contact and contactless interactions.

SUMMARY

According to a first aspect of the present disclosure, there is provideda method for configuring a contactless application on a chip within aportable device. The portable device comprises input/output meansarranged to communicate with other devices via a contact connection andvia a contactless connection. The method comprises a first process and asecond process.

The first process comprises:

-   -   receiving, at the chip and from a first other device, a set of        computer instructions, to be executed by the chip, to:        -   create a contactless application in a data store of the            chip; and        -   initialise at least one file associated with the contactless            application,        -   configuring the contactless application in accordance with            the set of computer instructions.

The second process comprises:

-   -   executing, by the chip of the portable device, the contactless        application, whereby to transmit data to a second other device.

The first process is conducted via physical contact between the firstother device and the portable device and the second process is conductedvia contactless communication between the portable device and acontactless reader of the second other device.

In this manner, the method allows a contactless application to bedynamically configured via a contact interaction of the portable devicewith the first other device. This is significantly cheaper thanpre-configuring portable devices with specific applications desired by agiven user, and can be more efficiently scaled in response to increasingdemand for portable devices.

Further features and advantages of the disclosure will become apparentfrom the following description of preferred embodiments, given by way ofexample only, which is made with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1A and 1B show schematic representations of system architecturesaccording to embodiments of the present disclosure;

FIG. 2 shows a schematic representation of a series of steps forconfiguring a contactless application according to an example;

FIG. 3 shows an example structure of a contactless application;

FIG. 4 shows a schematic representation of content of a computerinstruction to create a contactless application according to an example;

FIGS. 5A and 5B show schematic representations of content of examplecomputer instructions to initialise or change keys associated with acontactless application;

FIG. 6 shows a schematic example of content of computer instructions tocreate files of different types associated with a contactlessapplication;

FIG. 7 is a schematic representation of content of an instruction to,following creation of a file associated with a contactless application,initialise data associated with that file; and

FIG. 8 is a schematic representation of a portable device 805 accordingto an embodiment.

DETAILED DESCRIPTION

A system architecture according to embodiments of the present disclosureis shown in FIG. 1A, which depicts a method for configuring acontactless application on a chip 105 within a portable device accordingto an example. The portable device may for example be a payment cardsuch as a smart card operating according to the EMV standard, or acomputing device such as a mobile telephone, tablet or “dongle”configured to conduct contact and contactless interactions. The portabledevice comprises input/output means arranged to communicate with otherdevices via a contact connection and via a contactless connection. Themethod comprises executing a first process 110 and a second process 115.

The first process 110 comprises receiving, at the chip 105 and from afirst other device 120, a set of computer instructions 125, to beexecuted by the chip 105. The first other device 120 may for example bea point of sale (PoS) terminal, an automated teller machine (ATM) oranother computing device communicatively coupled with a deviceconfigured to interact with the chip 105 such as for example a cardreader. The set of instructions 125 comprises instructions to create acontactless application in a data store of the chip and initialise atleast one file associated with the contactless application. In someembodiments, the instructions 125 comprise instructions to initialise atleast one cryptographic key associated with the application. At 130 thechip 105 executes the instructions and the contactless application isthus configured in accordance with the set of instructions, examples ofwhich will be described in more detail below.

In some aspects of the present disclosure a first part of theinstructions 125 is received and executed at a first time and a secondpart of the instructions 125 is received and executed at a second timelater than the first time. The first part of the instructions 125comprises instructions to perform at least one of the tasks of creatingthe contactless application, initialising the at least one fileassociated with the contactless application, and initialising the atleast one cryptographic key associated with the contactless application.The second part of the instructions 125 comprises instructions toperform at least one of the previously-listed tasks not performed inresponse to the first part of the instructions 125.

The first and second parts of the instructions may be received fromdifferent other devices. For example, in one embodiment, the first partof the instructions 125 is received from a pre-configuration device andexecuted by the chip during pre-configuration of the portable devicebefore the portable device is issued to a user. In this example, thefirst part of the instructions comprises instructions to create thecontactless application but does not contain instructions to initialisefiles or cryptographic keys associated with the application. The secondpart of the instructions 125 may then be received from a first device asdescribed above, for example an ATM or point of sale terminal, after theportable device is issued to the user. In this example, the second partof the instructions 125 comprises instructions to initialise the atleast one file and the at least one cryptographic key associated withthe application.

In other examples, the tasks of creating the application, initialisingthe at least one file and initialising the at least one cryptographickey are divided differently between the first and second parts of theinstructions 125. For example, the first part may comprise instructionsto create the application and initialise the at least one cryptographickey, and the second part may comprise instructions to initialise the atleast one file.

The second process 115 comprises executing, by the chip 105 of theportable device, the contactless application, whereby to transmit data135 to a second other device 140.

The first process 110 is conducted via physical contact between thefirst other device 120 and the portable device and the second process115 is conducted via contactless communication between the portabledevice and a contactless reader of the second other device 140. Aspectsof the present disclosure thus allow a contactless application to beconfigured via a contact interaction of the portable device with thefirst other device 120.

In some embodiments, the portable device may comprise a payment cardsuch as a debit card or credit card, comprising an EMV application andconfigured to perform EMV contactless payment transactions by executingthe EMV application. In such an example, the contactless applicationconfigured via the first process 110 may be configured to conduct atransaction other than an EMV payment transaction, and thus the secondprocess 115 may comprise a transaction other than an EMV paymenttransaction, for example a transaction associated with a transit networksuch as accessing a transit network based on pre-paid credit or a seasonticket.

In some such embodiments, the second process 115 is performedindependently of the EMV application such that, during the secondprocess, the payment card acts as a dedicated device for executing thecontactless application. For example, where the contactless applicationis a DESFire application, the payment card acts as a dedicated DESFirecard.

In other embodiments, the second process 115 is performed via the EMVapplication. In such an embodiment, the EMV application is configuredto, during the second process 115, receive the data 135 from thecontactless application and transmit corresponding data to the secondother device 140. The EMV application may also be configured to, duringthe second process 115, receive data from the second other device 140and communicate corresponding data to the contactless application. Thedata transmitted to and from the second other device 140 may comprisecommands in a format associated with the contactless application. Forexample, where the contactless application is a DESFire application, thedata transmitted to and from the second other device 140 may compriseDESFire commands. In such an example, although the data 135 istransmitted via the EMV application, the payment card appears to thesecond other device as a dedicated device for executing the contactlessapplication.

In one embodiment, the contactless application is a contactless paymentapplication such as a transit application for allowing access to atransit network. The second other device 140 may then comprise aturnstile or other access control device of the transit network. In suchan embodiment, the transit application may allow for storage of pre-paidcredit and/or season tickets for redeeming against journeys within thetransit network.

In some embodiments, the first process 110 comprises receiving thecomputer instructions 125, which may be embodied as compressed data,and, if necessary decompressing the compressed data to obtain the set ofcomputer instructions 125. For example, depending on the technology usedfor contact interactions, a maximum size may be imposed on contacttransmissions to the chip 105. If this maximum size is smaller than thesize of instructions 125 typically used to configure 130 a contactlessapplication, the instructions 125 may be compressed in order to allowthem to be transmitted in a single transmission. The chip 105 thendecompresses the instructions 125 into a format suitable for configuring130 the application in the data store, for example a format readable bythe data store. Data may be compressed using any or a combination ofmethods. For example, as described in more detail below, some dataassociated with the application, such as initialisation of filesassociated with the application, may not be strictly required and maythus be omitted. As another example, uncompressed instructions maycomprise repeated series of the same binary value. Such repeated seriesmay be encoded using known run-length encoding algorithms.

In some embodiments, the chip 105 is preconfigured with a template. Thechip 105 uses the template for interpreting the received computerinstructions 125 and generating commands readable by the data store. Forexample, where the data store comprises a DESFire chip, the chip 105uses the template to generate commands, for configuring the applicationin the data store in accordance with the set of instructions 125, in aformat readable by the DESFire chip. The template may for example be anXML template.

In one such embodiment, the template receives the computer instructions125 within, for example, a script. In one arrangement, the chip 105 isconfigured with a template comprising the computer instructions 125, forexample as part of a configuration procedure before the portable deviceis issued to a user. Alternatively, the configuring may take place afterthe portable device is issued to the user; for example the template maybe sent to the portable device within a script. As such, during theconfiguration procedure, the instructions 125 are received and stored onthe portable device. In this example, the computer instructions 125 arethen executed in response to a single command received at the chip 105.The single command may for example be received via a contact orcontactless interaction of the portable device with a terminal such as apoint of sale terminal or ATM. This allows the contactless applicationto, from the perspective of the user, be created in response to thesingle command.

In one example wherein a first part of the instructions 125 is receivedand executed at a first time and a second part of the instructions 125is received and executed at a second time, as described above, thesecond part of the instructions 125 comprises a command to activate thecontactless application. Executing the second part of the instructionsthus comprises activating the contactless application. The second partof the instructions 125 is received at the chip 105 from another device,which may for example be the first other device 120 or a third otherdevice. The second part of the instructions 125 may be received at theportable device chip 105 via physical contact between the other deviceand the portable device. For example, the first other device 120 may bea computing device for configuring the portable device chip 105 beforethe portable device is issued to the user. The third other device maythen comprise a terminal, for example a point of sale terminal or ATM,which transmits the command following a request, for example from theuser, to activate the contactless application. In such embodiments,following configuring of the contactless application, the contactlessapplication is inactive until the second part of the instructions 125 isreceived and the command is executed. The contactless application maythus be activated in response to a received command. In one suchembodiment, the application may not be activated until the user makes apayment associated with the application, for example relating topurchasing pre-paid credit or a token, such as a transit season ticket,associated with the application. The command may for example comprise acryptographic key associated with the contactless application, andexecuting the second part of the instructions may comprise initialisingthe cryptographic key in the contactless application.

FIG. 1B shows a schematic representation of an architecture forimplementing a method according to an aspect of the present disclosure.The architecture comprises a portable device chip 105, first otherdevice 120 and second other device 120 operating for example asdescribed above in relation to FIG. 1A. The portable device chip 105comprises a processor 145 and a data store 150. The computerinstructions 125 received from the first other device 120 comprise theinstructions to create 155 the contactless application as describedabove. The instructions 125 further comprise the instructions toinitialise 160 a file associated with the contactless application, asdescribed above. For example, the instructions to initialise 160 thefile may comprise instructions to create a file structure comprising theat least one file and store within the file structure data associatedwith the at least one file.

FIG. 2 shows a schematic representation of a series of steps forconfiguring a contactless application in a data store 150 of a portabledevice 205 according to an embodiment wherein the contactlessapplication is issued by an application issuer 210 other than a bankissuer 220 associated with the portable device 205. In this embodiment,as described in more detail below, data 215 for configuring andactivating the contactless application is provisioned by the applicationissuer 210 to the bank issuer 220; the bank issuer 220 then transmitsinstructions 125 as described above to the portable device 205, via thefirst other device 120. In this manner, the issuing bank 210 can providefor a third party without direct access to the data store 150 of theportable device 205, i.e. the application issuer 210, to configure acontactless application in the data store 150 of the portable device205.

In this embodiment, an application issuer 210, for example a transitprovider, transmits data 215 associated with the contactless applicationto a bank issuer 220. The bank issuer 220 may for example be an issuingbank associated with the portable device 205 according to the knownfour-party payment model. In some examples data 215 comprisescryptographic keys for activating contactless application and/or otherdata required for configuring and/or activating the contactlessapplication. Data 215 may be sent from the application issuer 210 to thebank issuer 220 in response to a request from the user to theapplication issuer 210 to configure the application.

The bank issuer 220 transmits instructions 125, for configuring theapplication, to the first other device 120, which, as described above,may be an ATM or point of sale terminal. Instructions 125 may forexample comprise a script. Instructions 125 may be transmitted inresponse to a request received at the bank issuer 220 from the firstother device 120. For example, the request from the first other device120 may comprise an authorisation request for configuring theapplication, and instructions 125 may comprise an authorisation responseto the authorisation request. In some examples, the request is sent fromthe first other device 120 following a request from the user, input tothe first other device 120, to configure the contactless application.For example, where the first other device 120 comprises a paymentterminal associated with a transit network, the request from the usermay comprise a request to configure an application for travel on thatnetwork. As regards the embodiment described in relation to third partyapplication issuers, the user may, offline, request configuration of theapplication via a web interface of the application issuer 210. In thisscenario, when a user next inserts their portable device 205 into e.g. apoint of sale terminal, the bank issuer 220 recognises that thisportable device 205 has been flagged for application configuration, andproceeds to configure the contactless application based on the data 215previously received from the application issuer 210.

As described above, the first other device 120 transmits theinstructions 125 to the portable device 205 via a contact connection 230of the portable device 205. The first other device 120 may comprise thenext compatible other device with which the portable device interacts,via the contact connection 230, following the above-mentioned requestfrom the user to configure the application. For example, data 215 may betransmitted to the bank issuer 220 immediately following the requestfrom the user. Instructions 125 may then be transmitted to the next ATM,POS terminal or other device with which the portable device 205undergoes a contact interaction. This next ATM, POS terminal or otherdevice thus comprises the first other device 120.

Other data may also be transmitted between the portable device 205 andthe first other device 120. For example, the portable device 205 maytransmit to the first other device 120 data corresponding to a paymentassociated with the application. Examples of such payments includepayment for an amount of pre-paid credit associated with the applicationand/or payment for a token associated with the application, such as atransit season ticket.

As described above, a contactless application may be dynamicallyconfigured in response to a request from the user. Applications are thusnot required to be pre-configured on the portable device, but may beconfigured when required. This allows mass production of standardportable devices with no applications configured, which can then beconfigured as required by their respective users. This is significantlycheaper than pre-configuring portable devices with the specificapplications desired by a given user, and can be more efficiently scaledin response to increasing demand for portable devices.

The present disclosure also allows a single portable device to beconfigured with applications associated with different applicationissuers, with no communication being required between the applicationissuers. Users may thus carry a smaller number of portable deviceswhilst maintaining access to their desired applications. The presentdisclosure also allows future applications to be supported, for exampleassociated with new application issuers, whilst not requiring users toreceive new portable devices.

FIG. 3 shows a structure of a contactless application 305 according toan example. In this example, which relates to a DESFire chip, up to 28applications may be stored, each of which has a 3-byte ID. Theapplication comprises a cryptographic key algorithm 310, for exampleTDES, 3KTDES or AES. The set of computer instructions 125 to create suchan application comprises instructions to store at least onecryptographic key 315 associated with the application. For example, in aDESFire application, up to 14 keys may be stored comprising a master keyand a number of file keys. The at least one key may be used for exampleto authenticate the portable device during a transaction.

The contactless application 305 comprises at least one file 320. Forexample, a DESFire application can comprise up to 32 different files,each of which has file type 325, access rights 330, communication types335, among others. For example, a DESFire application supports filetypes of “standard”, “backup”, “value”, “linear” and “cyclic”. In someembodiments, only a subset of the available file types may be supportedby a first application, which means that the instructions 125 for thisfirst application can be commensurately smaller than those required foran application that supports all file types. For example, the “value”file type may not be supported.

Access rights 330 are associated with each file 320, for exampleassociated with given classes of administrator and user. Examples ofsuch access rights include “read”, showing that the file 320 may beread, “write”, showing that the file 320 may be written to, “read andwrite”, showing that the file 320 may be read and written to, and“change access rights” showing that the access rights of the file 320may be changed.

Communication protocol data 335 is associated with each file 320,defining communication protocols that must be used when transmittingdata associated with that file 320. Example communication protocolsinclude “plain”, indicating that data may be transmitted as plaintext,“encrypted”, indicating that data must be transmitted encrypted, and“message authentication code (MAC)”, indicating that data must beauthenticated by a message authentication code.

FIG. 4 shows a schematic representation of content 405 of a computerinstruction to create a contactless application according to an example.A counter 410 of the bytes comprising each element of the content 405 isshown. It can be seen that in this example the content 405 comprises 23bytes in total, and comprises a 3-byte Application ID 415. The content405 comprises two bytes 420, 425 associated with cryptographic keys ofthe application. Byte 420 indicates preconditions for changing the key,and byte 425 indicates the number of keys to be stored, file IDsassociated with the keys, and the cryptographic method to be used. Thecontent 405 comprises a 2-byte ISO File ID 430 and an ISO dedicated filename 435 of up to 16 bytes. For example, where the contactlessapplication is a DESFire application that supports ISO emulationinstructions, a file associated with the application may be addressableby either the ISO File ID or by the ISO dedicated file name. In someembodiments, for example where the contactless application is a DESFireapplication that does not support ISO emulation instructions, the ISOFile ID 430 and ISO dedicated file name 435 fields may not be supported.The contactless application may instead support for example nativeDESFire or wrapped commands. In such embodiments, these fields may beomitted from the content 405, permitting a compression of theinstruction size from 23 bytes to 5 bytes.

FIGS. 5A and 5B show schematic representations of content 505, 510 ofcomputer instructions 125 to initialise or change keys associated with acontactless application according to examples. In some embodiments, akey is initialised to a series of zeroes when the application iscreated. The key is then changed to a desired value following aninstruction with content such as that shown in FIGS. 5A and 5B.

FIG. 5A shows an example wherein the key to be changed is not equal to akey used to authenticate the present session. The content 505 of theinstruction comprises a series of bits 515 equal to a binary XOR of thenew key value with the current value. The content 505 comprises a cyclicredundancy check (CRC) 520 corresponding to the XOR 515 and a CRC 525corresponding to the new key value. The CRCs allow error detection andmay be calculated for example using a known CRC-16 algorithm. Thecontent 505 of the instruction comprises padding bits 530, which may forexample comprise a series of zeroes.

FIG. 5B shows an example wherein the key to be changed is equal to a keyused to authenticate the present session. The content 510 of theinstruction comprises the new key value 535 and a CRC 540 correspondingto the new key value 535. The content 510 comprises padding bits 545which may comprise a series of zeroes.

The examples shown in FIGS. 5A and 5B thus require knowledge of thecurrent value of the key to be demonstrated before the key can bechanged, either by providing an XOR of the current value with the newvalue in the example of FIG. 5A, or by using the current value of thekey to authenticate the session in the example of FIG. 5B.

FIG. 6 shows a schematic example of content 605, 610 of content ofcomputer instructions to create files of different types associated witha contactless application according to examples. Content 605 is anexample for creating a file with a file type of “standard” for exampleassociated with a DESFire application, and content 610 is an example forcreating a file with a file type of “cyclic”, for example associatedwith the same DESFire application. Contents 605, 610 comprise anindication 615 of the file type of the file to be created.

The contents, 605, 610 may each comprise a File Number 620 and an ISOfile ID 625 as described above. The contents 605, 610 each comprise acommunication type 630 as described above in relation to FIG. 3. Thecontents 605, 610 each comprise an indication 635 of access rights asdescribed above in relation to FIG. 3.

Content 605, relating to a file of “standard” file type, comprises anindication 640 of file size, expressed for example in bytes. Content610, relating to a file of “cyclic” file type, comprises an indication645 of record size and an indication 650 of a maximum number of cyclicrecords associated with the file.

In some embodiments, one or more fields 615-650 described above may notbe required to create a file associated with a contactless application.For example, an ISO File ID 625 is not required to create a fileassociated with a DESFire application. In such an embodiment, thenon-required field or fields may be omitted from the instructions 125.As another example, the file size 640 may be expressed as a number ofblocks of bytes of predefined size, for example a number of 32-byteblocks. In this example, the size of the file size field 640 is reducedcompared with embodiments in which the file size is expressed as anumber of bytes. In this example, the contactless application supportsonly file sizes of integer multiples of 32 bytes. The instructions 125can thus be commensurately smaller, effectively providing compression ofthe instructions 125.

FIG. 7 is a schematic representation of content 705 of an instructionto, following creation of a file associated with a contactlessapplication, initialise data associated with that file. Content 705comprises a file number 710, associated with the file, to identify thefile. Content 705 comprises an offset 715 indicating an offset withinthe file at which data should be written. For example, a non-zero offsetwould indicate that data should not be written at the start of the file,but at a point indicated by the offset. Content 705 comprises a length720 of data to be written to the file. Content 705 comprises the data725 to be written to the file.

In embodiments, one or more of fields 710-725 may be compressed,allowing corresponding compression of the instructions 125. For example,it may be desirable for many files to be initialised to a sequence ofthe same binary value, such as a sequence of zeroes. In such an example,the data 725 to be written may be compressed using a known run-lengthencoding algorithm. This enables a corresponding compression of theinstructions 125.

FIG. 8 is a schematic representation of a portable device 805 accordingto an embodiment. The portable device may for example be a payment cardor other smart card, or a mobile telecommunication device. The portabledevice 805 comprises input/output means arranged to communicate withother devices via a contact connection 810 and via a contactlessconnection 815.

The portable device 805 comprises a chip 820. The chip is arranged toreceive, from a first other device 825 and via physical contact betweenthe first other device 825 and the portable device 805, a set ofcomputer instructions to be executed by the chip 820. The set ofinstructions comprises instructions to create a contactless applicationin a data store 830 of the chip 805, and to initialise at least one fileassociated with the contactless application. In some embodiments, thecontactless application is a contactless payment application.

The chip 805 is arranged to configure the contactless application inaccordance with a set of computer instructions and to execute thecontactless application, whereby to transmit data to a second otherdevice 835 via contactless communication between the portable device 805and a contactless reader of the second other device 835.

As mentioned above, in some examples the portable device 805 comprises asmart card. In such examples, the physical contact between the portabledevice 805 and the first other device 825 comprises a connection betweena card reader of the first other device 825 and at least one contact padof the smart card 805.

The above embodiments are to be understood as illustrative examples ofthe invention. Further embodiments of the invention are envisaged. Forexample, the contactless application may comprise a token for unlockinghotel room doors and/or accessing facilities at a hotel, all-inclusiveresort or campus. The contactless application may comprise event ticketsor otherwise provide access to event venues. The contactless applicationmay comprise a token for allowing keyless access to a vehicle such as acar, for example a rental car. The contactless application may comprisea value indicating a number of loyalty points accrued by a user, forexample at a particular shop. The contactless application may comprise atoken and/or biometric data for providing authentication of the user'sidentity. It is to be understood that any feature described in relationto any one embodiment may be used alone, or in combination with otherfeatures described, and may also be used in combination with one or morefeatures of any other of the embodiments, or any combination of anyother of the embodiments. Furthermore, equivalents and modifications notdescribed above may also be employed without departing from the scope ofthe invention, which is defined in the accompanying claims.

The invention claimed is:
 1. A method for configuring a contactlessapplication on a chip within a portable device, the portable devicecomprising input/output means arranged to communicate with other devicesvia a contact connection and via a contactless connection, the methodcomprising a first process and a second process, wherein: the firstprocess comprises: receiving, at the chip and from a first other device,a set of computer instructions, to be executed by the chip, to: create acontactless application in a data store of the chip; and initialise atleast one file associated with the contactless application, configuringthe contactless application in accordance with the set of computerinstructions, and the second process comprises: executing, by the chipof the portable device, the contactless application, whereby to transmitdata to a second other device, wherein the first process is conductedvia physical contact between the first other device and the portabledevice and the second process is conducted via contactless communicationbetween the portable device and a contactless reader of the second otherdevice.
 2. A method according to claim 1, comprising activating thecontactless application in response to a command received at the chipfrom a third other device.
 3. A method according to claim 2, comprisingreceiving the command via physical contact between the third otherdevice and the portable device.
 4. A method according to claim 1,wherein the first process comprises: receiving the computer instructionsas compressed data; and decompressing the compressed data to obtain theset of computer instructions.
 5. A method according to claim 1, whereinthe set of computer instructions comprises instructions to initialise atleast one cryptographic key associated with the application.
 6. A methodaccording to claim 1, wherein the computer instructions to initialise atleast one file comprise computer instructions to: create a filestructure comprising the at least one file; and store within the filestructure data associated with the at least one file.
 7. A portabledevice comprising: input/output means arranged to communicate with otherdevices via a contact connection and via a contactless connection; achip arranged to: receive, from a first other device and via physicalcontact between the first other device and the portable device, a set ofcomputer instructions, to be executed by the chip, to: create acontactless application in a data store of the chip; and initialise atleast one file associated with the contactless application, configurethe contactless application in accordance with the set of computerinstructions; execute the contactless application, whereby to transmitdata to a second other device via contactless communication between theportable device and a contactless reader of the second other device. 8.A portable device according to claim 7, wherein the portable device is apayment card.
 9. A portable device according to claim 7, wherein thecontactless application is a contactless payment application.
 10. Aportable device according to claim 7, wherein: the portable devicecomprises a smart card; and the physical contact between the portabledevice and the first other device comprises a connection between a cardreader of the first other device and at least one contact pad of thesmart card.
 11. The method of claim 1, wherein the first other device isan ATM or a POS terminal.